
CVE-2017-7555

Published: 17/08/2017 | Updated: 09/12/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Augeas versions up to and including 1.8.0 are vulnerable to a heap-based buffer overflow due to improper handling of escaped strings. An attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.

Vulnerable Product

augeas augeas

Vendor Advisories

Debian Bug report logs - #872400: augeas: CVE-2017-7555: Improper handling of escaped strings leading to memory corruption. Package: src:augeas; Maintainer for src:augeas is Hilko Bengen <bengen@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Thu, 17 Aug 2017 05:27:02 UTC; Severity: grave; Tags: ...
Augeas could be made to crash if it received specially crafted input ...
Synopsis: Important: augeas security update. Type/Severity: Security Advisory: Important. Topic: An update for augeas is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, w ...
Synopsis: Important: augeas security update. Type/Severity: Security Advisory: Important. Topic: An update for augeas is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Sol ...
Han Han of Red Hat discovered that augeas, a configuration editing tool, improperly handled some escaped strings. A remote attacker could leverage this flaw by sending maliciously crafted strings, thus causing an augeas-enabled application to crash or potentially execute arbitrary code. For the oldstable distribution (jessie), this problem has been ...
A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution ...